Wireless, securing and all you need to know!

Hey everyone, nickspohn here, a lot of information on wireless here and to keep your network safe!


802.11b WI-FI
802.11B operates at a peak speed of 11mbps, though you'll typically expierence speeds closer to 4mpbs to 8mbps, unless you're physically adjacent to the wireless access point. However, even at these speeds, Wi-Fi is mostly good enough: All forms of Internet services run at acceptable speeds, save perhaps online games, and local networking is speedy enough for all but the largest file transfers. 802.11B is also acceptably fast for streaming music, but not video.
Where 802.11B Wi-Fi starts to fall apart a bit is in security, which can be partially addressed becuase each wirelessly connected device has to share the 11mbps of total bandwidth, further lowering speeds if two or more users are connected simultaneously. In that way, an 802.11B access point is more like an Ethernet hub than a switch.
802.11A, 802.11G Wi-Fi, and the future
To address the limitaions of Wi-Fi, the IEEE aproved two faster wireless standards, both of which offer peek speeds of 54mbps, about 5 timess the speed of Wi-Fi. Unfortunatly, both these standards has emerged as the clear market leader. The first of these new standards is called 802.11a. This technology runs on a different frequency band than 802.11b, meaning that it has more headroom for expansion and less chance of interference from electronics devices in the home, a problem facing Wi-Fi users. But becuase it runs on a different frequency band, it is also incompatible with Wi-Fi, meaning that Wi-Fi and 802.11a hardware cannot interoperate; you can use both technologies simultaneously on the same home network card. As a result, 802.11a hasn't really taken off, exept in certain corporate enviorments. (Businesses, schools, some homes, etc.) Certainly, 802.11a isnt a viable home networking solution.
802.11G (Wireless G)
The second emerging standard, 802.11G, or Wireless G, addresses the compatibility issues by running on the same frequency band as 802.11B Wi-Fi (for this reason, the IEEE foolishly refers to 802.11g as Wi-Fi as well). But 802.11G brings with it the same problems that face Wi-Fi: Becuase the 2.4GHz frequency band used by these technologies is so crowded, the chance of interference is higher. In addition, 802.11G cant actually hit its peak speed of 54mbps; instead it is limited to 20 to 24 Mbps, still quite speedy, and certainly fast enough to handle the most strenuous networking tasks, including streaming video and pushing massive file transfers.
802.11g can also be significantly more secure than 802.11b becuase most 802.11g gear supports a newer security standard called Wireless Protected Access (WPA), a significant improvement over the broken security technology used by most 802.11b products; that technology, dubbed Wired Equivalency Privacy (WEP), can be beaten pretty easily even by unsophisticated hackers. But thanks to dynamic encryption and mutual authentication technologies, WPA pretty much solves all of the security issues with WEP.
But regardless of the technology you choose, setup and configuration will be similar.
Setting Up a Secure Wireless Network
Before you can set up your wireless network, you need to consider your needs, the hardware you'll use, and the cost. The simpliest possible wireless network requires just two wireless network interface cards (NICs): You place one in a PC-typically, a laptop-that will connect wirelessly. Such a network is called an ad-hoc wireless network, and it can only exist between two PCs.
But if you think you'll ever want to use more than one PC wirelessly-and i think I can assume this is the case-you have to add a wireless access point or a wireless enabled broadband router. More important, perhaps: Ad-hoc wireless networks can't be secured. So even if your only using two PCs, you sould consider a WAP or similiar hardware-based wireless solution.
Using an Access Point
A wireless access point (WAP) is a piece of hardware that plugs into your existing network with a standard Ethernet cable, and it can supply wireless networking access to several PCs. Access points are much cheaper than they used to be, and many companies, including Linksys, D-Link, Belkin, offer devices that don't cost much more than a wireless NIC. In fact, given the low price of these devices and the ease with which you can add one to your existing network.
An Access point is the logical starting point for anyone looking to add wireless support to an existing network. If your using a switch, hub, or broadband router that offers multiple Ethernet ports, you simply plug in the access points power cord and then connect it to the wired network using a standard 10 or 100mbps Ethernet Cable.
In addition to the access point, such a setup requires one wireless network card for each PC that will access the network wirelessly.
Connecting to a Wireless Network
Note: This is for Windows XP users in setting up a wireless network.

One of the most best features of windows Xp is its native support for wireless connectivity based on the Wi-Fi standard. But this feature is far more powerful than simple device detection. Instead, XP clients also automatically detect any nearby wireless networks. XP also automatically connects to the fastest possible network connection.
Say you've got a wirelessly enabled laptop that also features a standard 100mbps etherent port for wired network connectivity. If both connections are active-that is, the wired network is plugged in, and the wireless network connection has detected a wireless network to which it has access rights-XP automatically uses the faster, wired network. Likewise, if you have a choice of wireless networks-mpre typical in an office situation, naturally-then XP picks the wireless network with the best connectivity.
At home, XP wont generally have multiple wireless networks from which to choose. However, XP will be sure to use whatever bandwidth is currently available.
Go to see what wireless networks are available by locating the wireless network connection icon, right click it, and choose View Avialable Networks. The displays the wireless Network connection utility. (This is a nice new feature for SP2 Users).
What you see here depends largely on your setup, but you should see at least one wireless network listed under Choose a wireless network, and it should match the wireless network you recently set up (it is hoped that you changed the default name of the network so that it isn't listed as default, linksys, etc.
If you dont see any wireless networks, you haven't set up your wireless access point correctly.
If you see other wireless networks-that is, wireless networks that you didnt set up and configure-its possible that they belong to neighbors or others nearby. PLEASE BE A GOOD NEIGHBOR AND DONT USE YOUR NEIGHBORS BANDWIDTH. IT IS ILLEGAL!, and let them know that there network is open to the world, make sure when your network is setup that it is not avialable to the world also! Once you are connected after the computer is done connecting, you should be asked to put a network key in. IF NOT, your network is unprotected. THE SHAME! The Network key is either the WEP or the WPA pass phrase you picked during setup. Then when your done typing in your network key twice hit connect. If you did it right you will be connected! Good Job!
Fixing WEP's Security Problems
As i said earlier, there are two types of wireless security for home networks: WEP and WPA. The Following are ways to secure your WEP-based wireless network. Here's How!
Don't Broadcast you Wireless Network
By default, wireless access points broadcast the name, or SSID, of your wireless network so that wireless clients can discover and access it more easily. However, this broadcast capibility is simply a huge target for anyone who wants to steal your bandwidth or potentially hack into your network and access your private data. Therefore, the first thing you should do is change the name of your wireless network (and give it a complicated name) so that hackers cant guess what name to use. Then stop the access point from broadcasting the name.
When you make this change, you have manually configure your XP based wireless adapters so that they know to look for the right wireless network. Here are the instructions on how too:
1. Open Network Connections, right click the wireless network connection, and choose properties. This displays the properties dialog box for the wireless connection.
2. Navigate to the wireless network tab if neccessary and click Add. This displays the wireless network properties dialog box.
3. Enter the name of your wireless network in the network name (SSID) text box and select WEP from the Data Encryption drop down list box.
4. Click OK to close the dialog box and return to the Wireless Network Connections Properties dialog box.
5. Under the Prefered Networks section, delete any network names other than the one you just entered.
6. Click OK to finish
Filter Mac Addresses
The final task you can preform requires configuration only at the access point. Most access points can be configured to accept connections only from specific network adapters. This effectively shuts out other users from accessing your network wirelessly. Its called MAC filtering. And no, it doesn't mean your other Non windows computer (Apple mac, etc. wont work.
Network Adapters are identified by their MAC (Media Access Control) address, a series of alphanumeric characters that is guaranteed to be unique to each adapter. In fact, MAC addresses are so unique that Microsoft has tied its Windows Product Activation (WPA) technology to those retail Windows systems that include network adapters.
In windows XP, you can discover the MAC address of your wireless network adapter in various ways. The simplest way is:
1. Open a command-line window (start>all programs>accessories>Command Prompt).
2. Type ipconfig/all and the press enter.
The output will resemble the following:

Windows IP Configuration
Host Name.............................
Primary DNS Suffix...................
Node Type.............................
IP Routing Enabled...................
WINS Proxy Enabled.................

Ethernet adapter Wireless Network Connection
Connection-Specific DNS Suffix.
Description............................
Physical Address.....................
Dhcp Enabled.........................
Autoconfiguration Enabled........
IP Address.............................
Subnet Mask..........................
Default Gateway....................
DHCP Server..........................
DNS Servers..........................
Lease Obtained......................
Lease Expires.........................

The MAC Address is listed next to the Physical Address. If you have more than one network adapters, please make sure you enter the correct one.
After all this, you can ensure that only your wireless devices and your computers can access your wireless network.
Feel Safer? You should

Wireless Terms:

Network interface card (NIC): A wireless NIC is often referred to as a wireless adapter because many of these devices aren't cards at all

Access Point: Wireless connectivity can be added to an existing wired network using a wireless access point (WAP), which is either a dedicated hardware device, a combination hardware device that offers other services, or even a wireless adapter, which can be used in ad-hoc mode.

SSID (Service Set Identifier): Wireless networks are given names, or SSIDs, which makes identifying them easy. These names are similar to the computer names you create when making a Microsoft-style computer workgroup.

Wired Equivalency Privacy (WEP): Wireless networks are secured using wireless network key settings, an almost completely useless technology~my opinion.
WPA is makes WEP more obsolete.

Wireless Protected Access (WPA): A newer, more secure wireless security technology.

I hope this helps people a lot!
Nick Spohnholtz

 

hey Nick, great job on this and thanks for your efforts here, wireless is one of those things that's fantastic when it works, but when it doesn't it'll drive you bonkers and most people will glaze over with all the acronyms to sift through when you go to the help guides. But with various cities such as Philly and Minneapolis and then Google possibly offering free wi-fi in different areas everyone can benefit by having a basic knowledge of how this technology works.

 

Go philly ... soon to be the largest hotspot in the world. And I live there (back to univ there next week) YAY

But it seems it won't be free like they promissed at first. They are considering making it paid, but for small amount.

AND nickspohn great guide. Makin our forums richer ... glad to see you got the correct version up finally

 

Nick,

This was an excellent list of information regarding wireless technology. Although, there are a few minor corrections and additions I should add.

802.11A utilizes the 5Ghz frequency range, while 802.11B and 802.11G uses the 2.4GHz frequency range.

I'm assuming you meant to say that it can't be used simultaneously on the same network card. Although, a network card with 802.11A & B/G support can connect to an 802.11A, B or G network without any problems.

Wi-Fi standard for Wireless Fidelity and is a registered trademark of the Wi-Fi Alliance. Below is a quote from the Wi-Fi Alliance website ( www.wi-fi.org):

"The Wi-Fi Alliance (formerly WECA) is the global Wi-Fi organization that created the Wi-Fi brand. A nonprofit organization, the Alliance was formed in 1999 to certify interoperability of IEEE 802.11 products and to promote them as the global, wireless LAN standard across all market segments."

Current wireless radio technology is based on the IEEE 802.11 standard. The Wi-Fi Alliance is the organization that certifies that the wireless lan products from different manufacturers will interoperate with each other. Since it's all certified by the Wi-Fi Alliance, the 802.11G standard can be refered to as Wi-Fi as well as any other certified 802.11 wireless network product.

WPA is the acronym for Wi-Fi Protected Access. WEP is the acronym for Wired Equivalent Privacy.

Ad-Hoc networks can consist of more than 2 computers. Each computer requires its own wireless card. So it's not 100% necessary to get a Wireless Access Point or Wireless Router.

Below is a link that gives a brief description and diagram of how an ad-hoc network works. Just goto point #2.

http://www.vicomsoft.com/knowledge/reference/wireless1.html

I don't believe this is correct. On my notebook, when connected via Wireless to my Wireless router and surfing the web, I connect my Wired 100Mbit/s ethernet cable. I now have 2 connections to my router, but the actual link to the web is maintained on my wireless card. I believe Windows maintains it's original connection until dropped. Although, wireless connections do operate slightly differently. If there are multiple wireless access points available (for the same network), the wireless cards can be setup to "seek" the best connection (signal strength) and auto-switch to the better access point.

Again Nick, excellent work!

-Vb-

 

Thanks VB!
Just bringing this guide in new circulation also. Let me know if this has helped people!

 

Hey Nick!! That's a great guide, I'm sure it will be helpful to a lot of people.

I'll probably fall back to that when I need help too!

Chaz

 

Good job, Nick.

Stickied.

 

Everybody should use WPA instead of WEP and mac filtering. Hackers can spoof mac filtering and WEP in about an hour, so why does the router companies give us this garbage. I say the only way to go is still hardwire.

 

Overkill 99% of the time.

I'd like to know how.

Knives can be used to kill, so why do they sell them?

Welcome to the 19th century.

 

so did you attend defcon or something? people are more exposed with wep and mac addy filtering. ok, fromtheshadows.tv had a episode on how to hack with a linux opensource. that episode had 250,000 downloads. and there are tons of online how to's to finding this stuff. Where i heard the information in the previous post is from Security Now by Leo Laporte and Steve Gibson http://www.grc.com/securitynow.htm . Please dont dis me man.

 

Please dont start to fight in one of my guides. Please

 

I'm sorry about this thread. I shouldn't have never said anything, but after looking over my resources, it seemed as if needed to say something.

 

Very good information.

I just bought a laptop for my wife & did the setup last night.

We were planning on adding the expense of adding a wireless data card & signing with Sprint to allow us to connect wirelessly through their network ($60/mo).

After setting up the computer, I notice that we can connect through Wi-Fi either unsecured or secured. Of course the secured sites want us to enter the WEP or WPA key.

You explained what this is very well.

My question is how do I get a WPA key?

I've seen some key generators, but is that what I should do?

From what I have read, it seems that even WPA is not all that secure.

Maybe I should pay the $60/mo & be more secure.

Any thoughts?

 

WPA is fine for being safe. Its WEP that is the unsafe security.

To be extra protective, i would enable MAC filtering, and Disabling SSID broadcast. That way someone cant go on your network, unless they know the name you set it as. This is all in the sticky guide of mine, and you can do this yourself when you enter the router settings when installing, or typing 192.186.1.1 like you would type an internet address

 

I'm still not sure how to get or find my WPA key.

How do I do that?

 

You don't find your WPA key. You make your WPA key. Basically it's just a password. All you need to do is configure both the access point and the client machines with the same password.

 

Hi,

The article is so good.
I have Dell Inspiron 6000 laptop. If I connect the laptop with my "Qwest DSL Modem with wireless Gateway", The connection is changed to "Limited or No Connectivity" at regular interval of times. If I "Repair" it will be connected again or after sometimes it is connected to wireless automatically.

Other laptops are able to connect to my wireless gateway without any problem. Why is this Dell Inspiron 6000 disconnected often and reconnects?

Could you please provide me the solution?

Thanks,
Jijal

 

I'm assuming you're seeing other wireless networks in your vicinity. those are secured by whoever owns the router with a WPA password. if you already have internet access in your house, you just buy a router with Wi-Fi capability, and then connect the laptop through the router to the internet.

check Nickspohn's other guides on this forum on more detailed setup procedures.

those sprint cards you're talking about are basically for people that may need internet access pretty much anywhere you can get cell phone signal. travelling sales reps, site managers, etc. like I said, if you already have internet access, it's totally unnecessary.